Android_Hid – Use Android As Rubber Ducky Against Another Android Device
Use Android as Rubber Ducky against another Android device HID attack using AndroidUsing Android as Rubber Ducky against Android. This...
Tools
KICS – Find Security Vulnerabilities, Compliance Issues, And Infrastructure Misconfigurations Early In The Development Cycle Of Your Infrastructure-As-Code
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx....
Boomerang – A Tool To Expose Multiple Internal Servers To Web/Cloud
Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports...
BadOutlook – (Kinda) Malicious Outlook Reader
A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a...
CallObfuscator – Obfuscate Specific Windows Apis With Different APIs
Obfuscate (hide) the PE imports from static/dynamic analysis tools. TheoryThis's pretty forward, let's say I've used VirtualProtect and I want...
Search-That-Hash – Searches Hash APIs To Crack Your Hash Quickly, If Hash Is Not Found Automatically Pipes Into HashCat
The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash?...
Obfuscation_Detection – Collection Of Scripts To Pinpoint Obfuscated Code
Automatically detect control-flow flattening and other state machines Author: Tim BlazytkoDescription:Scripts and binaries to automatically detect control-flow flattening and other state...
cve_manager_VS – A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE...
Retoolkit – Reverse Engineer’s Toolkit
This is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on...
Smogcloud – Find Cloud Assets That No One Wants Exposed
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to...
Gitrecon – OSINT Tool To Get Information From A Github Profile And Find GitHub User’S Email Addresses Leaked On Commits
OSINT tool to get information from a github profile and find GitHub user's email addresses leaked on commits.How does this...
OSCP-Exam-Report-Template-Markdown – Markdown Templates For Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP Exam Report
I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer...
Kraker – Distributed Password Brute-Force System That Focused On Easy Use
Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and...
CTF-Party – A Ruby Library To Enhance And Speed Up Script/Exploit Writing For CTF Players
A library to enhance and speed up script/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but...
Godehashed – Tool That Uses The Dehashed.Com API To Search For Compromised Assets
A golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled into a...
ProxyLogon – PoC Exploit for Microsoft Exchange
PoC Exploit for Microsoft Exchange Launche Original PoC: https://github.com/testanullHow to use:python proxylogon.py <name or IP of server> <user@fqdn> Example:python proxylogon.py...
Netmap.Js – Fast Browser-Based Network Discovery Module
Fast browser-based network discovery module Descriptionnetmap.js provides browser-based host discovery and port scanning capabilities to allow you to map website...
Vajra – A Highly Customi zable Target And Scope Based Automated Web Hacking Framework To Automate Boring Recon Tasks
An automated web hacking framework for web applications Detailed insight about Vajra can be found athttps://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 About Vajra Vajra is an...
Subcert – An Subdomain Enumeration Tool, That Finds All The Subdomains From Certificate Transparency Logs
Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. SetupStep 1: Install Python...
Mole – A Framework For Identifying And Exploiting Out-Of-Band Application Vulnerabilities
A framework for identifying and exploiting out-of-band (OOB) vulnerabilities. Installation & SetupMole InstallPython >= 3.6 virtualenv -p /usr/bin/python3 venv source...
Invoke-SocksProxy – Socks Proxy, And Reverse Socks Server Using Powershell
Creates a local or "reverse" Socks proxy using powershell. The local proxy is a simple Socks 4/5 proxy. The reverse...
Reverse-Shell-Generator – Hosted Reverse Shell Generator With A Ton Of Functionality
Hosted Reverse Shell generator with a ton of functionality -- (great for CTFs) Hosted Instancehttps://revshells.com FeaturesGenerate common listeners and reverse...
OffensivePipeline – Tool To Download, Compile (Without Visual Studio) And Obfuscate C# Tools For Red Team Exercises
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises. OffensivePipeline downloads the tool...
Rafel-Rat – Android Rat Written In Java With WebPanel For Controlling Victims
Rafel is Remote Access Tool Used to Control Victims Using WebPanel With More Advance Features.Main FeaturesAdmin Permission Add App To...
